is open source more secure ? Post: 302331403

Sponsored Content

Special Forums Cybersecurity is open source more secure ? Post 302331403 by bakunin on Monday 6th of July 2009 05:41:14 AM

07-06-2009

Registered User

I agree with Neo. I'd like to split the matter into two distinct parts, a theoretical and a practical one.

Even theoretically-only spoken the matter of closed-source versus open-source remains complicated. A possible advantage of open-source is the peer-review process which can take place. But to capitalize on this advantage this process has to take place at all, which is in no way guaranteed by something being open-source at all.

A possible advantage of closed-source software would be the "security by obscurity" approach. Experience suggests that this is not a (lasting) security measure at all and in the case of compromised security there is a single possible source able to provide corrective services, whereas open-source software could be changed by everybody in theory, which still leaves a lot of possible authors of corrections in practice.

Approaching the problem on a practical level it has to be stated that "security" is - like "performance" for that matter - a relative term and cannot be used absolutely. There is some value of x you want to protect and there is some estimated effort of y needed to overcome your security measures. If x is (much) bigger than y you have a security problem, otherwise you haven't.

To appraise your security status simply put yourself into the place of the intruder: will it possibly pay off to overcome your defenses? Act, if the answer is "yes" or near there, otherwise don't bother.

It is similar to what i have countlessly told executives in meetings regarding "performance": you have some demand, which can be measured (in seconds, transactions completed, kilobytes, whatever) and there is a system having to meet the demand. It comes down to "does the system meet the specified demand - yes/no?" Performance is not being "fast" but "fast enough".

The same is true for security: what you protect and the efforts for protecting it have to be in proportion and the question is not "safe" but "safe enough".

bakunin

bakunin

View Public Profile for bakunin

Find all posts by bakunin

6 More Discussions You Might Find Interesting

1. Post Here to Contact Site Administrators and Moderators

open source for the forum

This is a slick looking forum. Any chance on making the code for the forum open source?

2. IP Networking

Open Source NMS

Hello there, I wanted to know the members' opinion about the best open source network management software which uses a web browser to show its interface and results. I am interested in the software for both windows and Linux OSs. Thanks.

3. UNIX for Dummies Questions & Answers

open source antivirus

Hello What is the best open source anti virus? Thanks

4. UNIX for Dummies Questions & Answers

what is the best open source antispam?

Hello what is the best open source antispam? Thanks http://www.linuxforums.org/forum/images/smilies/icon_smile.gif

5. Shell Programming and Scripting

Open Source

Hi Friends I'm new to this UNIX - I'm working on the porting project from Solaris To Linux i just want to map some commands from solaris to Linux so can any one please tell me how to get the source code of the commands like "ls", "cu", "du" Regards sabee

6. Fedora

Is UNIX an open source OS ?

Hi everyone, I know the following questions are noobish questions but I am asking them because I am confused about the basics of history behind UNIX and LINUX. Ok onto business, my questions are-: Was/Is UNIX ever an open source operating system ? If UNIX was...

LEARN ABOUT CENTOS

blkdiscard

BLKDISCARD(8)						       System Administration						     BLKDISCARD(8)

NAME

       blkdiscard - discard sectors on a device

SYNOPSIS

       blkdiscard [-o offset] [-l length] [-s] [-v] device

DESCRIPTION

       blkdiscard  is  used  to  discard  device  sectors.   This is useful for solid-state drivers (SSDs) and thinly-provisioned storage.  Unlike
       fstrim(8) this command is used directly on the block device.

       By default, blkdiscard will discard all blocks on the device.  Options may be used to modify this behavior  based  on  range  or  size,	as
       explained below.

       The device argument is the pathname of the block device.

       WARNING: All data in the discarded region on the device will be lost!

OPTIONS

       The  offset  and length arguments may be followed by the multiplicative suffixes KiB=1024, MiB=1024*1024, and so on for GiB, TiB, PiB, EiB,
       ZiB and YiB (the "iB" is optional, e.g., "K" has the same meaning as "KiB") or the suffixes KB=1000, MB=1000*1000, and so on  for  GB,  TB,
       PB, EB, ZB and YB.

       -h, --help
	      Print help and exit.

       -o, --offset offset
	      Byte offset in the device from which to discard.	Provided value will be aligned to the device sector size.  Default value is zero.

       -l, --length length
	      Number  of bytes after starting point to discard.  Provided value will be aligned to the device sector size.  If the specified value
	      extends past the end of the device, blkdiscard will stop at the device size boundary.  Default value  extends  to  the  end  of  the
	      device.

       -s, --secure
	      Perform secure discard.  Secure discard is the same as regular discard except all copies of the discarded blocks possibly created by
	      garbage collection must also be erased.  It has to be supported by the device.

       -v, --verbose
	      Print aligned offset and length arguments.

AUTHOR

       Lukas Czerner <lczerner@redhat.com>

SEE ALSO

       fstrim(8)

AVAILABILITY

       The blkdiscard command is part of the util-linux package and is available Linux Kernel Archive  <ftp://ftp.kernel.org/pub/linux/utils/util-
       linux/>.

util-linux							   October 2012 						     BLKDISCARD(8)